CVE-2022-36438

AsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading to local privilege escalation (this also can be used to delete files within the system arbitrarily). This affects ASUS System Control Interface 3 before 3.1.5.0, and AsusSwitch.exe before 1.0.10.0.
Configurations

Configuration 1

cpe:2.3:a:asus:asusswitch:*:*:*:*:*:*:*:*
cpe:2.3:a:asus:system_control_interface:*:*:*:*:*:*:*:*

Information

Published : 2022-10-18 12:15

Updated : 2022-10-20 05:49


NVD link : CVE-2022-36438

Mitre link : CVE-2022-36438

Products Affected
No products.
CWE
CWE-276

Incorrect Default Permissions